Vulnerability Description
A session fixation vulnerability in South River Technologies' Titan MFT and Titan SFTP servers on Linux and Windows allows an attacker to bypass the server's authentication if they can trick an administrator into authorizing a session ID of their choosing.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Southrivertech | Titan MFT Server | < 2.0.18 |
| Southrivertech | Titan SFTP Server | < 2.0.18 |
Related Weaknesses (CWE)
References
- https://helpdesk.southrivertech.com/portal/en/kb/articles/security-patch-for-iss (Vendor Advisory)
- https://www.rapid7.com/blog/post/2023/10/16/multiple-vulnerabilities-in-south-ri (Exploit, Third Party Advisory)
FAQ
What is CVE-2023-45687?
CVE-2023-45687 is a vulnerability with a CVSS score of 8.8 (HIGH). A session fixation vulnerability in South River Technologies' Titan MFT and Titan SFTP servers on Linux and Windows allows an attacker to bypass the server's authentication if they can trick an admini...
How severe is CVE-2023-45687?
CVE-2023-45687 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2023-45687?
Check the references section above for vendor advisories and patch information. Affected products include: Southrivertech Titan MFT Server, Southrivertech Titan SFTP Server.